There are certainly valid reasons to interpose mitm. I've submitted an I-D
for explicit proxies. I'd be happy if we had this conversation in that
context.
Here, however we are talking about what exists today. I'm perfectly happy
to require the prisions to do zip and so marginally increase their costs if
it would increase the likelihood that many more users are ensured they can
benefit from it.
The sum total benefit is hopefully clearly higher when 1% of a population
does not affect the remaining 99%'s ability to use a feature.
-=R
On Jun 23, 2012 1:32 AM, "Poul-Henning Kamp" <phk@phk.freebsd.dk> wrote:
> In message <op.wgbxldx3iw9drz@manganese.bredbandsbolaget.se>, "Martin
> Nilsson"
> writes:
>
> >Also, some HTTP requests are rewritten by proxies and anti-virus
> >applications to disable compression, so compression will be used even
> less.
>
> ... and they have a good reason to disable gzip: These devices sit at the
> "choke-points" in the network and see very high if not the highest
> HTTP-traffic densities of any devices in the HTTP domain.
>
> There are two subcases, and they are quite different:
>
> "Incoming"
> ----------
>
> Typically a load-balancer which needs only to inspect the "Host:"
> header and/or the URI in the request and the status code of the
> reponse.
>
> These are the devices I call "HTTP routers", and they are where
> all the traffic bottlenecks when the entire world tries to find
> out what happened in Dallas.
>
> HTTP/2.0 should serialize (at least) these crucial fields without
> gzip and preferably in a way that makes it very easy and cheap to
> find them.
>
>
> "Outgoing"
> ----------
>
> Almost always content-scanning, and since there are legitimate
> use cases (Prison inmates for instance) we have to accept this
> role as legitimate[1].
>
> A legitimate argument exists, that censors should pay the cost
> of censorship. If we accept that, these boxes should not be
> able to force clients/servers to forego compression.
>
>
> --
> Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
> phk@FreeBSD.ORG | TCP/IP since RFC 956
> FreeBSD committer | BSD since 4.3-tahoe
> Never attribute to malice what can adequately be explained by incompetence.
>
>